[EMAIL PROTECTED] wrote:
Date: Mon, 17 Dec 2007 14:04:50 -0000
From: "David Harley" <[EMAIL PROTECTED]>
Subject: RE: [funsec] Oops
To: <[EMAIL PROTECTED]>, <funsec@linuxbox.org>
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset="us-ascii"
I hazarded a guess in November re the HMRC snafu that:
I'd guess that the "public face of government" doesn't know
about the quality of the encryption. There are applicable
guidelines and standards prescribed by central government,
but they won't necessarily even be accessible at junior (or
even senior) level in a specific department. The UK
government (in the sense of the permanent establishment
rather than the prevailing party-in-power) has an entrenched
culture of secrecy which often works against it.
Today, I read in the Register that:
"HMRC restricted details of its security procedures to senior officials, it
has emerged, just weeks after the department pilloried a junior official for
loading the UK's child benefit database onto CDs which were then lost.
The department had a detailed manual covering procedures for handling the
benefits database and other sensitive information. However, the manual
itself was considered too sensitive to be widely distributed, so it was
restricted to civil servants only, The Guardian reports."
Sigh...
More at http://www.theregister.co.uk/2007/12/17/hmrc_manual/.
--
David Harley
AVIEN Administrator: http://www.avien.org
http://www.smallblue-greenworld.co.uk
LOL! Biting the hand that feeds you?
---
Sincerely,
Daniel H. Renner
President
Los Angeles Computerhelp
A division of Computerhelp, Inc.
818-352-8700
http://losangelescomputerhelp.com
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
